EP4293990A3 - Method and system for user plane traffic characteristics and network security - Google Patents

Method and system for user plane traffic characteristics and network security Download PDF

Info

Publication number
EP4293990A3
EP4293990A3 EP23207520.0A EP23207520A EP4293990A3 EP 4293990 A3 EP4293990 A3 EP 4293990A3 EP 23207520 A EP23207520 A EP 23207520A EP 4293990 A3 EP4293990 A3 EP 4293990A3
Authority
EP
European Patent Office
Prior art keywords
plane traffic
user plane
user equipment
network element
characteristic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP23207520.0A
Other languages
German (de)
French (fr)
Other versions
EP4293990A2 (en
Inventor
Nicholas Patrick Alfano
Axel Ferrazzini
Dake He
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Malikie Innovations Ltd
Original Assignee
Malikie Innovations Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Malikie Innovations Ltd filed Critical Malikie Innovations Ltd
Publication of EP4293990A2 publication Critical patent/EP4293990A2/en
Publication of EP4293990A3 publication Critical patent/EP4293990A3/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/06Generation of reports
    • H04L43/062Generation of reports related to network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/535Tracking the activity of the user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Environmental & Geological Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Monitoring And Testing Of Exchanges (AREA)

Abstract

A method at a network element for monitoring user plane traffic for a user equipment, the method comprising: receiving, from the user equipment, a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the range of values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the range of values, performing an action resulting from the characteristic violation; wherein the receiving is performed during a network registration procedure between the user equipment and the network element.
EP23207520.0A 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security Pending EP4293990A3 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US15/692,836 US10681072B2 (en) 2017-08-31 2017-08-31 Method and system for user plane traffic characteristics and network security
EP18849911.5A EP3652982B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security
PCT/CA2018/051031 WO2019041029A1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security
EP22196027.1A EP4124103B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
EP22196027.1A Division EP4124103B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security
EP18849911.5A Division EP3652982B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security

Publications (2)

Publication Number Publication Date
EP4293990A2 EP4293990A2 (en) 2023-12-20
EP4293990A3 true EP4293990A3 (en) 2024-01-10

Family

ID=65437982

Family Applications (3)

Application Number Title Priority Date Filing Date
EP22196027.1A Active EP4124103B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security
EP23207520.0A Pending EP4293990A3 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security
EP18849911.5A Active EP3652982B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security

Family Applications Before (1)

Application Number Title Priority Date Filing Date
EP22196027.1A Active EP4124103B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security

Family Applications After (1)

Application Number Title Priority Date Filing Date
EP18849911.5A Active EP3652982B1 (en) 2017-08-31 2018-08-28 Method and system for user plane traffic characteristics and network security

Country Status (7)

Country Link
US (3) US10681072B2 (en)
EP (3) EP4124103B1 (en)
KR (1) KR102595014B1 (en)
CN (1) CN111165013B (en)
CA (1) CA3072968A1 (en)
ES (1) ES2969664T3 (en)
WO (1) WO2019041029A1 (en)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109586900B (en) * 2017-09-29 2020-08-07 华为技术有限公司 Data security processing method and device
US11528328B2 (en) * 2017-12-15 2022-12-13 Nokia Technologies Oy Stateless network function support in the core network
KR102075659B1 (en) * 2017-12-22 2020-02-10 한국전자통신연구원 Access network switching method in heterogeneous radio access network and terminal perfomrming the same
US10425332B2 (en) * 2017-12-29 2019-09-24 Nfware, Inc. Method for processing packets using ALG DNS
EP3531654A1 (en) * 2018-02-23 2019-08-28 Gemalto Sa Method for using authentication failure messages to transmit payload data
US11849318B2 (en) * 2018-03-22 2023-12-19 British Telecommunications Plc Wireless communication network authentication
US11140047B2 (en) * 2018-04-09 2021-10-05 Intel Corporation Network data analytics function (NWDAF) influencing fifth generation (5G) quality of service (QoS) configuration and adjustment
CN110913389B (en) * 2018-09-15 2022-04-05 华为技术有限公司 Method and device for acquiring security context
CN110943964B (en) * 2018-09-21 2022-07-22 华为技术有限公司 Data checking method, device and storage medium
CN113748695B (en) * 2019-02-28 2023-11-10 瑞典爱立信有限公司 Method for providing management of emergency sessions, and related device and node
CN111641582B (en) * 2019-03-01 2021-11-09 华为技术有限公司 Safety protection method and device
CN112105021B (en) * 2019-06-17 2022-05-10 华为技术有限公司 Authentication method, device and system
CN112333072B (en) * 2019-08-05 2022-12-23 成都鼎桥通信技术有限公司 Internet of things enhanced Non-IP data transmission method and device
EP4018620A4 (en) * 2019-08-19 2023-08-30 Telefonaktiebolaget LM Ericsson (publ.) Method and apparatus for performing protection control in a core network
US11197154B2 (en) 2019-12-02 2021-12-07 At&T Intellectual Property I, L.P. Secure provisioning for wireless local area network technologies
US11381594B2 (en) * 2020-03-26 2022-07-05 At&T Intellectual Property I, L.P. Denial of service detection and mitigation in a multi-access edge computing environment
WO2021195894A1 (en) * 2020-03-30 2021-10-07 Oppo广东移动通信有限公司 Integrity protection method and communication apparatus
KR102645975B1 (en) * 2020-04-30 2024-03-12 삼성전자주식회사 Method and apparatus for protecting sensitive user plane traffic
US11343742B2 (en) 2020-05-22 2022-05-24 Blackberry Limited Preserving emergency call during failure to transfer
US11832107B2 (en) * 2020-07-30 2023-11-28 Apple Inc. Recovering devices from limited service due to mis-configuration
EP4040757A1 (en) * 2021-02-09 2022-08-10 Telia Company AB Monitoring of communication
CN113114649B (en) * 2021-04-02 2024-01-05 腾讯科技(深圳)有限公司 Method, device, equipment and medium for solving denial of service attack
US20220386179A1 (en) * 2021-05-25 2022-12-01 Cisco Technology, Inc. Configuration and use of allocated bandwidths for predefined service classifications associated with predefined types of a communication resource at a user plane function node
CN113259202A (en) * 2021-06-28 2021-08-13 四川新网银行股份有限公司 Method and system for monitoring unsafe file sharing
US11902260B2 (en) * 2021-08-02 2024-02-13 Cisco Technology, Inc. Securing control/user plane traffic
WO2023101161A1 (en) * 2021-11-30 2023-06-08 삼성전자 주식회사 Traffic optimization module, and operation method therefor
US11775904B1 (en) * 2023-03-02 2023-10-03 Sybal Enterprises Inc. System and method for managing digital governance in digital ecosystem

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016119822A1 (en) * 2015-01-27 2016-08-04 Nokia Solutions And Networks Oy Traffic flow monitoring
US20170230832A1 (en) * 2016-02-04 2017-08-10 StarHome Mach GmbH Data security for internet of things (iot) devices

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6907243B1 (en) * 1999-06-09 2005-06-14 Cisco Technology, Inc. Method and system for dynamic soft handoff resource allocation in a wireless network
US9529996B2 (en) * 2011-10-11 2016-12-27 Citrix Systems, Inc. Controlling mobile device access to enterprise resources
US9247443B2 (en) * 2013-07-25 2016-01-26 Qualcomm Incorporated Method and apparatus for use in detecting changes within wireless signal environment
US10122747B2 (en) * 2013-12-06 2018-11-06 Lookout, Inc. Response generation after distributed monitoring and evaluation of multiple devices
CN104244276A (en) * 2014-07-25 2014-12-24 中兴通讯股份有限公司 Reconfiguration request method and reconfiguration method and device
US9344455B2 (en) * 2014-07-30 2016-05-17 Motorola Solutions, Inc. Apparatus and method for sharing a hardware security module interface in a collaborative network
US10826940B2 (en) * 2016-03-11 2020-11-03 Netskope, Inc. Systems and methods of enforcing multi-part policies on data-deficient transactions of cloud computing services
JP6911411B2 (en) * 2017-03-14 2021-07-28 富士通株式会社 Communication devices, communication systems, communication control methods, and programs

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016119822A1 (en) * 2015-01-27 2016-08-04 Nokia Solutions And Networks Oy Traffic flow monitoring
US20170230832A1 (en) * 2016-02-04 2017-08-10 StarHome Mach GmbH Data security for internet of things (iot) devices

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "Allowing IP range in Windows Firewall - Super User", 10 January 2011 (2011-01-10), XP093106405, Retrieved from the Internet <URL:https://superuser.com/questions/231358/allowing-ip-range-in-windows-firewall> [retrieved on 20231128] *

Also Published As

Publication number Publication date
WO2019041029A1 (en) 2019-03-07
EP4293990A2 (en) 2023-12-20
US20200259853A1 (en) 2020-08-13
US20190068625A1 (en) 2019-02-28
US11496496B2 (en) 2022-11-08
EP4124103A1 (en) 2023-01-25
EP3652982A4 (en) 2021-04-14
EP4124103B1 (en) 2023-11-22
KR102595014B1 (en) 2023-10-26
ES2969664T3 (en) 2024-05-21
CN111165013A (en) 2020-05-15
US10681072B2 (en) 2020-06-09
KR20200043459A (en) 2020-04-27
EP3652982B1 (en) 2022-11-09
CA3072968A1 (en) 2019-03-07
US20230050239A1 (en) 2023-02-16
CN111165013B (en) 2023-09-22
EP3652982A1 (en) 2020-05-20
EP4124103C0 (en) 2023-11-22

Similar Documents

Publication Publication Date Title
EP4293990A3 (en) Method and system for user plane traffic characteristics and network security
EP3855692A4 (en) Network security monitoring method, network security monitoring device, and system
EP3589052A4 (en) Resource indication method, terminal device, and network device
EP3910975A4 (en) Wireless network access method, device, equipment and system
EP3902199A4 (en) Identity check method for network function service, and related device
EP3446464A4 (en) Systems and method for quality of service monitoring, policy enforcement, and charging in communications network
EP3740025A4 (en) Network access method, device, and system
EP3846507A4 (en) Local area network communication method, device, and system
EP3554155A4 (en) Resource indication method, user equipment and network device
MX2019012560A (en) Access category and establishment cause.
MX2018006511A (en) A wireless device, a radio network node, and methods therein for access control in a communications network.
MX2018007938A (en) Method for establishing a roaming connection.
EP3764594A4 (en) Network device management method, apparatus and system
MX2018002896A (en) Systems and methods for reuse of wireless communication resources in neighboring communication networks.
MX2020006875A (en) Methods of determining access categories and/or establishment causes and related devices.
EP3678449A4 (en) Connection management method, user equipment, core network entity, and system
EP4002547A4 (en) Monitoring device, management system, and management method
EP3893196A4 (en) Authentication system, management device, and authentication method
EP3544329A4 (en) Communication system, communication management method, and network management device
EP3713282A4 (en) Management method, device and system for network service
EP3567820A4 (en) Resource indication method, network device and terminal device
EP3993482A4 (en) Link management method, wake-up signal detection method, terminal device and network device
EP3809647A4 (en) Network management system, management device, relay device, method, and program
EP3787232A4 (en) Network configuration method, device, and system
EP3672314A4 (en) Network management method, device and system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Free format text: PREVIOUS MAIN CLASS: H04L0067500000

Ipc: H04W0028020000

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AC Divisional application: reference to earlier application

Ref document number: 3652982

Country of ref document: EP

Kind code of ref document: P

Ref document number: 4124103

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 9/40 20220101ALI20231201BHEP

Ipc: H04L 67/50 20220101ALI20231201BHEP

Ipc: H04L 43/16 20220101ALI20231201BHEP

Ipc: H04L 43/0876 20220101ALI20231201BHEP

Ipc: H04L 43/062 20220101ALI20231201BHEP

Ipc: H04W 12/60 20210101ALI20231201BHEP

Ipc: H04W 12/12 20210101ALI20231201BHEP

Ipc: H04W 12/033 20210101ALI20231201BHEP

Ipc: H04W 24/04 20090101ALI20231201BHEP

Ipc: H04W 12/06 20210101ALI20231201BHEP

Ipc: H04W 12/02 20090101ALI20231201BHEP

Ipc: H04W 28/02 20090101AFI20231201BHEP

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20240319

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED